Facebook farce

The social networking site's change in its privacy terms is a cautionary tale for its users.

Be honest. Sometime soon, you -- like millions of others around the world -- are going to log in to your Facebook account to announce what you're doing, upload a few photos from your weekend escapades, write a "25 Random Things About Me" note or find some other way to avoid the work you're supposed to be doing. But you might want to reconsider. As of Feb. 4, Facebook has claimed rights to all your data in perpetuity. The decision, which outraged many of the social network's 175 million members, is a reminder of how vulnerable Internet users are to the whims of the companies they trust online.

Facebook became the world's most popular social network by enabling people to assemble private groups of friends and broadcast information to them about their lives. It initially assured users that when they removed items or quit the network, any rights it claimed to the uploaded material would end. But earlier this month, the company oh-so-quietly excised that assurance from its terms of service and reinforced its never-ending right to use anything anyone posts -- notes, photos, videos, personal details -- "on or in connection with" the site. It also granted itself broad rights to use members' names and likenesses on the site or in its advertisements.

Chief Executive Mark Zuckerberg says there's nothing to worry about, and a company spokesman has clarified that the changes don't trump users' privacy settings. Still, the new policy is clearly designed to give the company more leeway with the data posted by users, particularly those who've quit the network. After igniting protests last year with an ill-conceived effort to turn members into unwitting product hucksters, Facebook should know better. Successful Web-based businesses act on users' data only with their explicit permission. Even users of social networks expect that their data will be shared only within a network that they control, or for marketing purposes disclosed in advance. The only notice Facebook provided was in a blandly worded post on an obscure company blog, when it was too late for users to protect themselves by deleting their accounts.

Facebook should amend its terms of service to bar any commercial use of members' data without their permission and renounce claims over the items they remove. It also should give members advance notice of changes that affect privacy rights. Regardless of what Facebook does next, though, its latest misstep is a cautionary tale for the Net generation. The lessons are that people should be cautious about what they post, and should take their business away from online companies that stop valuing their privacy. We'd love to see another social network compete by offering better privacy protections than Facebook's. Unfortunately, those protections would be written in the ether, not concrete.